
Canonical Multipass CVE-2026-49237

EUVD-2026-32900 | HIGH
Incorrect Default Permissions (CWE-276)
2026-05-28 | security@ubuntu.com
CVSS 3.1 base score: 7.8

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (3 events)

Patch available: May 28, 2026 - 15:01 (EUVD)
Analysis Generated: May 28, 2026 - 14:31 (vuln.today)
CVE Published: May 28, 2026 - 14:16 (NVD)

Description (NVD)

An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries (multipass, qemu-img, qemu-system-aarch64, qemu-system-x86_64, and sshfs_server) in /Library/Application Support/com.canonical.multipass/bin/ retain ownership by the installing user and remain writable. Because the root LaunchDaemon (com.canonical.multipassd.plist) configures a PATH environment variable that prioritizes this user-writable directory and invokes these auxiliary binaries by their bare names, a local attacker can replace an auxiliary binary (such as qemu-img) with a malicious wrapper. When the root daemon subsequently triggers the binary during routine execution (e.g., via multipass launch), the malicious code executes with root privileges, leading to local privilege escalation.

Analysis (AI-generated)

Local privilege escalation in Canonical Multipass for macOS before 1.16.3 allows a low-privileged local user to obtain root execution by replacing co-located auxiliary binaries that the multipassd LaunchDaemon invokes via a user-writable PATH directory. The flaw is an incomplete remediation of CVE-2025-5199: while 1.16.0 corrected ownership of the multipassd binary itself, five sibling binaries (multipass, qemu-img, qemu-system-aarch64, qemu-system-x86_64, sshfs_server) were left owned by the installing user and writable, enabling binary planting. …


Remediation (AI-generated)

Within 24 hours: Identify and inventory all macOS systems running affected Multipass versions (prior to 1.16.3); restrict non-essential local user account access on affected systems. Within 7 days: Implement restrictive PATH configuration on multipassd LaunchDaemon processes to block binary planting; enable enhanced audit logging for privilege escalation attempts. …
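A defender-side check for the two conditions the description and the remediation call out: auxiliary binaries in the Multipass bin directory that are not root-owned or are group/other-writable, and a daemon PATH whose leading entries a non-root user can write to. This is an added example, not Canonical's or vuln.today's code. The bin directory and the plist file name come from the advisory; the plist's /Library/LaunchDaemons location, the function names and the constructed fixture are assumptions.

```shell
#!/bin/sh
# Added defender-side check for the condition the advisory describes; this is
# not Canonical's code. A root LaunchDaemon that resolves helpers by bare name
# must have only root-owned, non-group/other-writable directories and files on
# its PATH. The directory and plist name are from the advisory; the plist's
# /Library/LaunchDaemons location is an assumption.
MULTIPASS_BIN_DIR="/Library/Application Support/com.canonical.multipass/bin"
MULTIPASS_PLIST="/Library/LaunchDaemons/com.canonical.multipassd.plist"

# Print why $1 should not be trusted by a root daemon: owner uid differs from
# $2 (default 0 = root) and/or the group/other write bits are set. Prints
# nothing when the path is fine. `ls -ldn` gives numeric uids on macOS and Linux.
perm_issue() {
    set -- "$1" "${2:-0}" $(ls -ldn "$1")   # now: $3 = mode string, $5 = uid
    reason=""
    [ "$5" = "$2" ] || reason="owner uid $5 (expected $2)"
    case "$3" in                            # char 6 = group w, char 9 = other w
        ?????w*|????????w*) reason="${reason:+$reason; }group/other writable ($3)" ;;
    esac
    printf '%s' "$reason"
}

# One line per regular file in directory $1 that fails perm_issue against uid $2.
check_bin_dir() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        r=$(perm_issue "$f" "${2:-0}")
        if [ -n "$r" ]; then printf '%s: %s\n' "$f" "$r"; fi
    done
    return 0
}

# Pull the PATH the LaunchDaemon plist exports and report each entry, in search
# order, that is missing or that a non-root user could write to. The earliest
# entries matter most: a file planted there shadows the system copy.
check_plist_path() {
    if [ ! -r "$1" ]; then printf '%s: not readable\n' "$1"; return 0; fi
    path=$(tr -d '\n' < "$1" |
        sed -n 's/.*<key>PATH<\/key>[[:space:]]*<string>\([^<]*\)<\/string>.*/\1/p')
    if [ -z "$path" ]; then printf '%s: no PATH key\n' "$1"; return 0; fi
    i=0
    printf '%s\n' "$path" | tr ':' '\n' | while IFS= read -r entry; do
        i=$((i + 1))
        if [ ! -d "$entry" ]; then printf 'PATH[%d] %s: missing\n' "$i" "$entry"; continue; fi
        r=$(perm_issue "$entry" "${2:-0}")
        if [ -n "$r" ]; then printf 'PATH[%d] %s: %s\n' "$i" "$entry" "$r"; fi
    done
    return 0
}

# Constructed fixture (not a real install) showing both failure modes: a
# world-writable helper next to a sane one, and a plist whose first PATH
# entry is a group-writable directory. Prints the fixture root.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/bin"
    printf '#!/bin/sh\nexit 0\n' > "$root/bin/qemu-img";     chmod 666 "$root/bin/qemu-img"
    printf '#!/bin/sh\nexit 0\n' > "$root/bin/sshfs_server"; chmod 755 "$root/bin/sshfs_server"
    chmod 775 "$root/bin"
    cat > "$root/com.canonical.multipassd.plist" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>com.canonical.multipassd</string>
  <key>EnvironmentVariables</key><dict>
    <key>PATH</key><string>$root/bin:/usr/bin:/bin</string>
  </dict>
</dict></plist>
EOF
    printf '%s\n' "$root"
}

# Real-system audit against the advisory's paths; any output line is a finding.
audit_multipass() {
    check_bin_dir "$MULTIPASS_BIN_DIR" 0
    check_plist_path "$MULTIPASS_PLIST" 0
}
```

Run `audit_multipass` on a host with Multipass installed; an empty result means every helper the daemon can reach by bare name is root-owned and not writable by other users. Any finding is a binary-planting site, and the fix the advisory gives is upgrading to 1.16.3 rather than hand-editing the PATH or permissions.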



CVE-2026-49237 vulnerability details – vuln.today
